Salam Houchou
Verified Expert in Engineering
Security Architect and Developer
Zürich, Switzerland
Toptal member since March 15, 2022
Salam is an IT security architect and consultant in information, cyber, and cloud security. With 20 years of experience, a master's degree in cyber security, and Microsoft Azure, GCP, and AWS security certifications, he excels in designing and implementing initiatives to manage security risks and compliance while maximizing safety and security expectations. Salam is keen on re-organizing, streamlining, and strengthening existing operations by implementing cutting-edge, cost-effective solutions.
Portfolio
Experience
- Security Architecture - 10 years
- Cybersecurity - 10 years
- Architecture - 10 years
- Cloud - 5 years
- Google Cloud Platform (GCP) - 3 years
- Amazon Web Services (AWS) - 3 years
- Azure - 3 years
- Cloud Security - 3 years
Availability
Preferred Environment
Google Cloud Platform (GCP), Application Security, Microsoft Azure, Security Architecture, Information Security, Compliance, SOC 2, AWS Cloud Security, NIST, Risk Assessment
The most amazing...
...project I've worked on is engineering, designing, and implementing information security controls to one of the biggest monitoring platforms in Switzerland.
Work Experience
Security Engineer
Solomon Labs Inc
- Led the implementation and management of cloud infrastructure on GCP and AWS, successfully configuring and optimizing services such as Cloud Run, Cloud Storage, and Compute Engine, resulting in a 30% improvement in operational efficiency.
- Achieved SOC 2 Type 1 compliance by designing and implementing security, privacy, and access controls across GCP and AWS environments, ensuring adherence to SOC 2 Trust Services Criteria for security and confidentiality. No exceptions were noted.
- Monitored and enhanced security controls across the cloud infrastructure, using native tools like GCP Security Command Center, AWS GuardDuty, and Cloud Audit Logs, ensuring continuous compliance and security monitoring.
- Developed and executed cloud data security policies for sensitive information stored in cloud services, implementing encryption at rest and in transit using AWS KMS and GCP Cloud KMS and establishing automated data sanitization processes.
SecOps Engineer (via Toptal)
Vizen Analytics, LLC
- Created a design for GCP infrastructure using GCP best practices architecture and best security practices.
- Designed secure connectivity to share data securely between the Snowflake platform and SaaS deployment on GCP.
- Built a security policy for the company and the security controls for client satisfaction.
Security Architect (via Toptal)
Colleva, Inc.
- Crafted and implemented a suite of robust security policies tailored to the company's specific needs and industry requirements. These policies covered areas such as data protection, access control, incident response, and risk management.
- Guided the company through the SOC 2 compliance process from start to finish, ensuring adherence to industry-leading security standards and best practices.
- Provided expert mentorship and support to internal teams, facilitating their understanding of SOC 2 requirements and helping them implement necessary controls and procedures.
- Leveraged Azure's built-in security features such as Azure Security Center, Azure Policy, Azure Firewall, and Azure Identity and Access Management (IAM) to enhance visibility, protect against threats, and enforce compliance requirements.
- Configured Azure Security Center to provide continuous monitoring and threat detection capabilities, allowing for real-time detection of suspicious activities, unauthorized access attempts, and potential security breaches.
- Implemented a proactive approach to security through continuous improvement and optimization of Azure security controls.
Enterprise Security Engineer (via Toptal)
Databricks - Security Team (UK)
- Strengthened, validated, and guided the implementation of security best practices across the business, focusing expertise on using processes and systems and how to use them to promote safe practices.
- Defined and developed the organization's approach to corporate assets and worked to ensure their security and availability.
- Documented security standards that IT teams can implement and use their SaaS apps for hardening.
- Architected security controls for SaaS integrations against security frameworks.
- Provided security controls for diverse applications and infrastructure in multi-cloud environments, including AWS, Azure, and GCP.
Security Consultant
CRYPTO AG
- Designed and deployed hardened network and security architectures for global military, defense, and government customers. Presented information on infrastructure plans, progress, and resolution of information security gaps to higher management.
- Executed complex projects and delivered essential security and business requirements by leveraging existing processes, assessing, managing, and reporting risks and issues, and providing mitigation options to key stakeholders.
- Reinforced information security across all government departments and established a security operations center.
Experience
Remote Access Solution
• Deploying the business application and handling the distribution for 20 thousand users
• Identifying design and security gaps in the existing and proposed architectures
• Recommending changes and improvements
e-Government Security
• Designing and developing hardened network and security architectures
• Presenting infrastructure plans, progress data, and solutions for information security gaps
• Leveraging existing security processes
• Assessing, managing, and reporting risks and issues and providing mitigation options
Security Management Project
• A data loss prevention (DLP) solution
• Content filtering
• Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS)
• Endpoint protection
• Log management
• Analytics solutions
Education
Master of Science Degree in Cyber Security
University of Liverpool - Liverpool, United Kingdom
Certifications
AWS Solutions Architect Professional
Amazon Web Services
Microsoft Certified: Azure Security Engineer Associate
Microsoft
AWS Certified Security - Specialty
Amazon Web Services (AWS)
Aviatrix Certified Engineer Multi-Cloud Network Associate
Aviatrix
AWS Certified Solutions Architect Associate
AWS
Skills
Libraries/APIs
OpenID
Tools
GitHub, ConfigServer Security & Firewall (CSF), Terraform, GCP Security, Microsoft Power Apps, CloudOps, VPN, OpenVPN, Jira, Confluence, Google Kubernetes Engine (GKE), Microsoft Identity Manager, Google Workspace, Azure Kubernetes Service (AKS), Logging, Amazon EKS
Languages
SQL, SAML, Snowflake
Paradigms
DevSecOps, DevOps, Penetration Testing
Platforms
Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), CrowdStrike, Kubernetes, Linux, Microsoft, Windows
Industry Expertise
Cybersecurity, Telecommunications, Insurance, Network Security, Security Advisory
Storage
Database Security, Google Cloud, Azure Cloud Services, Azure Active Directory
Other
CyberArk, Firewalls, Intrusion Prevention Systems (IPS), SaaS, Architecture, Networking, SIEM, Cryptography, Cloud, Enterprise Risk Management (ERM), AWS Cloud Security, Cloud Security, Security Architecture, IP Networks, Security Engineering, Security, Remote Access Security, IT Security, Compliance, Consulting, ISO 27001, Okta, NIST, Documentation, SecOps, Endpoint Security, FedRAMP, Vulnerability Management, Application Security, Microsoft Azure, Information Security, ISO 27002, Financial Services, Data Privacy, Pharmaceuticals, Identity & Access Management (IAM), Threat Modeling, Cloud Architecture, Networks, Cisco, Palo Alto Networks, Risk Management, Web Security, Web App Security, Vulnerability Assessment, Single Sign-on (SSO), SOC 2, System Administration, Monitoring, Intrusion Detection Systems (IDS), Security Policies & Procedures, Audits, Zero Trust, SAML-auth, OWASP, Data Protection, Group Policy, IT Governance, Data Governance, Governance, GRC, CISO, Computer Security, Load Balancers, Scaling, Security Management, Risk Assessment, Information Assurance, Stakeholder Management, Critical Security Controls (CIS Controls), Detection Engineering, Data Encryption, Threat Intelligence, Data Integrity Testing, CI/CD Pipelines, GDPR, OAuth, Managed Security Service Providers (MSSP), Data Loss Prevention (DLP), IDS/IPS, Endpoint Detection and Response (EDR), SaaS Security, Infrastructure Security, Network Architecture, Cloud Infrastructure, IPsec, Network Engineering, Cloudflare, AWS Certified Solution Architect, Vulnerability Scanning, Certifications, Data Migration, Azure Cloud Security, Advisory, Infrastructure, Managed Services, Security Information and Event Management (SIEM), Risk Analysis, Root Cause Analysis, Infrastructure as Code (IaC), APIs, CMC, Communication, Active Directory (AD), Privileged Access Management (PAM), Enterprise Cybersecurity, Akamai, Email, Computer Networking, TCP/IP, Routing, Cybersecurity Operations, SOC Compliance, Encryption, Software Development Lifecycle (SDLC), Microsoft Entra, AWS Cloud Architecture, Security Audits, Microsoft 365, Shell Scripting, Forensics, IT Audits, Web Application Firewall (WAF)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring